The present invention relates to a storage medium for use in recording and reproducing contents such as image data and music data, and more particularly to a storage medium suitable for preventing recording/reproducing of contents by improper electronic devices and a contents protection method using the storage medium.
In these years, with development of computer technology, various electronic devices, such as a personal computer, a settop box, a player and a game machine, which permit multimedia processing, have been developed. This kind of electronic devices can reproduce various digital contents such as image data and music data stored in a storage medium and can download digital contents and use them via the Internet, etc.
These digital contents can be copied or downloaded, without degradation in quality, by adopting digital coding techniques, e.g., MPEG2, MP3, etc. From the standpoint of protection of copyrights, there is a demand for techniques of preventing unlawful use of such digital contents.
However, the storage medium used in electronic devices such as a personal computer, a settop box and a player are, in most cases, reversible and can be recorded/reproduced in another devices. Further, the specifications of such a storage medium are basically open. Since the digital contents can be freely moved/copied, it is difficult in practice to protect the contents stored in the medium from unlawful copying/moving.
As regards a storage medium, like a memory card, in which a storage portion and a controller are integrated, contents may be protected by providing an access disable region (secret region), which can be accessed by a secret procedure alone and cannot be accessed by a user, and storing in the secrete region important information necessary for the use of contents, such as copy control information and move control information.
In this case, when contents are copied/moved between an electronic device (e.g., a personal computer, a settop box, a player) and the storage medium, the electronic device and the storage medium may mutually authenticate each other to confirm that they are lawful ones and share a predetermined contents protection function relating to the copyright protection (contents protection). If they are properly authenticated, key exchange may be performed in accordance with a shared key generation algorithm and a common authentication key may be acquired individually, and the authentication key may be used to encrypt/decrypt a contents key (i.e., a key for decrypting contents) or encrypt/decrypt the contents.
In the above case, there is a problem. Since the information necessary for the mutual authentication is preset at the stage of shipment of the electronic device, a program running on the electronic device may be modified (or attacked) after it is purchased. As a result, an improper device may be determined to be proper in the mutual authentication. Considering this, the mutual authentication is not enough to surely protect the contents.